Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a343030303a3a2f34302d3438203d3e203331383938.roa
File: 326130663a316363353a343030303a3a2f34302d3438203d3e203331383938.roa (raw, json)
Hash identifier: wdh7DjKytFOa0WuoH/Vomi9AGWIPkvS+v/uTa41hYzI=
Subject key identifier: 23:29:ED:58:5E:6F:9B:67:F2:0D:ED:CE:CE:F5:40:F9:39:91:A2:FB
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 428C43CA1FC95E345193E2D7976F4EF2352539CE
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a343030303a3a2f34302d3438203d3e203331383938.roa
Signing time: Fri 05 Jun 2026 08:43:58 +0000
ROA not before: Fri 05 Jun 2026 08:38:58 +0000
ROA not after: Fri 04 Jun 2027 08:43:58 +0000
asID: 31898
IP address blocks: 2a0f:1cc5:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:8c:43:ca:1f:c9:5e:34:51:93:e2:d7:97:6f:4e:f2:35:25:39:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 5 08:38:58 2026 GMT
Not After : Jun 4 08:43:58 2027 GMT
Subject: CN=2329ED585E6F9B67F20DEDCECEF540F93991A2FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:92:10:51:f4:9b:21:06:76:a9:25:7e:e5:99:
bc:09:fd:9f:81:cf:c3:4d:35:23:cb:c7:df:8e:b8:
74:f0:46:84:a2:c5:1a:eb:00:ef:f1:36:e2:39:68:
36:62:45:6e:88:60:1f:ed:2d:e1:f3:2d:fd:7d:0f:
f6:7b:de:25:c9:39:c4:6f:5e:1d:91:15:27:b4:ee:
0f:fe:1d:e9:fc:ef:14:ec:d0:74:24:05:2a:5c:7e:
c8:a5:cd:e9:e6:31:71:ee:9b:bf:01:b5:6b:c1:77:
4d:3b:80:52:65:b0:8a:40:df:3f:57:63:6a:00:80:
3a:18:42:60:6a:08:57:a0:47:a8:6f:e0:4a:c8:4a:
cb:a3:fd:76:b8:d4:1d:98:2d:0e:8c:cf:ec:6d:75:
40:b6:f4:be:00:5e:61:b5:3f:f9:75:e7:60:06:80:
61:ad:c0:b7:51:1f:ce:d5:ea:e4:4e:c5:71:6f:da:
b6:ff:b3:5f:58:2b:f3:9f:7d:6e:77:90:84:76:ba:
fe:00:3a:c2:33:5b:b0:0a:29:55:9d:50:6e:c6:70:
a4:9e:83:e1:0e:8c:ee:70:ac:2a:81:8e:87:55:ce:
65:1f:93:85:ff:0f:79:ef:1d:6e:df:c3:35:0e:72:
6b:28:16:15:2d:5f:32:ce:bf:19:14:8f:94:ed:8f:
1b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:29:ED:58:5E:6F:9B:67:F2:0D:ED:CE:CE:F5:40:F9:39:91:A2:FB
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a343030303a3a2f34302d3438203d3e203331383938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:4000::/40
Signature Algorithm: sha256WithRSAEncryption
3c:3b:4c:2a:9f:12:14:dc:d8:7e:60:04:85:cf:f0:2c:fe:b2:
fd:25:d4:ce:5a:8a:96:e6:6f:d0:8e:86:67:0f:55:35:22:78:
bc:a8:74:af:54:f2:17:cb:36:39:6b:80:43:dd:e1:62:bb:eb:
53:94:93:34:bf:db:de:51:5f:76:a4:95:67:10:55:db:57:f7:
75:12:a7:47:a9:15:8a:83:d6:a5:ef:27:36:87:2c:68:2d:42:
ac:80:49:e1:56:63:24:7b:31:50:63:44:eb:1f:2e:21:6f:c5:
61:1e:20:64:1a:c6:a7:58:a9:ee:35:4d:c1:44:d8:7a:af:31:
38:35:d0:87:ab:a8:fc:f4:45:78:34:7d:d3:79:61:a2:b3:ec:
64:45:dc:23:b9:d1:48:9d:cd:63:73:08:2e:fc:bd:00:90:4c:
62:be:c1:29:53:5b:50:71:7c:c8:ea:b3:78:19:ba:32:78:87:
25:75:36:44:b5:29:ed:e9:60:2f:59:63:53:f1:07:24:fb:96:
fd:47:08:0e:40:e9:1d:d2:7c:a4:83:e6:99:b5:80:fb:0d:49:
c8:6d:98:7c:c2:9d:3f:2a:de:b3:c4:37:67:54:cb:5c:13:b8:
2f:35:95:d6:7f:38:61:f0:a7:43:9f:73:18:ae:f5:78:f7:11:
f3:5e:1d:29
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUQoxDyh/JXjRRk+LXl29O8jUlOc4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDUwODM4NThaFw0yNzA2MDQwODQzNThaMDMxMTAvBgNV
BAMTKDIzMjlFRDU4NUU2RjlCNjdGMjBERURDRUNFRjU0MEY5Mzk5MUEyRkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYkhBR9JshBnapJX7lmbwJ/Z+B
z8NNNSPLx9+OuHTwRoSixRrrAO/xNuI5aDZiRW6IYB/tLeHzLf19D/Z73iXJOcRv
Xh2RFSe07g/+Hen87xTs0HQkBSpcfsilzenmMXHum78BtWvBd007gFJlsIpA3z9X
Y2oAgDoYQmBqCFegR6hv4ErISsuj/Xa41B2YLQ6Mz+xtdUC29L4AXmG1P/l152AG
gGGtwLdRH87V6uROxXFv2rb/s19YK/OffW53kIR2uv4AOsIzW7AKKVWdUG7GcKSe
g+EOjO5wrCqBjodVzmUfk4X/D3nvHW7fwzUOcmsoFhUtXzLOvxkUj5Ttjxu7AgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUIyntWF5vm2fyDe3OzvVA+TmRovswHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzNDMwMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMzMzEzODM5Mzgucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqDxzFQDANBgkqhkiG9w0BAQsFAAOCAQEAPDtMKp8SFNzYfmAEhc/w
LP6y/SXUzlqKluZv0I6GZw9VNSJ4vKh0r1TyF8s2OWuAQ93hYrvrU5STNL/b3lFf
dqSVZxBV21f3dRKnR6kVioPWpe8nNocsaC1CrIBJ4VZjJHsxUGNE6x8uIW/FYR4g
ZBrGp1ip7jVNwUTYeq8xODXQh6uo/PRFeDR903lhorPsZEXcI7nRSJ3NY3MILvy9
AJBMYr7BKVNbUHF8yOqzeBm6MniHJXU2RLUp7elgL1ljU/EHJPuW/UcIDkDpHdJ8
pIPmmbWA+w1JyG2YfMKdPyres8Q3Z1TLXBO4LzWV1n84YfCnQ59zGK71ePcR814d
KQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:20:20 2026 by rpki-client